Security

AuraQuantic has different security systems such as access control, permissions and various types of authentication. In addition, the platform offers database and user interface level encryption.

AuraQuantic security includes:

AuraQuantic is certified and complies with regulations and standards including ISO 9001, ISO 27001, HIPAA and the Spanish National Security Scheme (ENS). In addition, it periodically carries out white box and black box security audits.

Security certifications

AuraQuantic is certified and complies with regulations and standards including ISO 9001, ISO 27001, HIPAA and the Spanish National Security Scheme (ENS). In addition, it periodically carries out white box and black box security audits.

AuraQuantic customers’ cloud infrastructure is hosted in data centers provided by Microsoft, world leaders in compliance and security.

Platform authentication can be customized for internal employee users, external users, and for incoming and outgoing API connections. - AuraQuantic

Authentication

Platform authentication can be customized for internal employee users, external users, and for incoming and outgoing API connections.

Available authentication methods include:

  • Active Directory (AD) and Azure Active Directory (AAD)
  • OAuth v2.0 (Customer credentials and authorization code)
  • IIS (Internet Information Services)
  • SQL authentication
  • Forms
  • Kerberos
  • API Key

Single Sign-On can be configured through OpenID, Integrated Authentication, or SAML and ADFS.

Multi-factor authentication reinforces protection against credential theft or improper access. - AuraQuantic

Multi-factor authentication

Multi-factor authentication reinforces protection against credential theft or improper access.

AuraQuantic provides this protection through the AuraQuantic mobile app or through integration with other authentication providers such as Microsoft or Google.

Using Microsoft Azure as an identity provider makes is possible to configure conditional access, so that a user can only access from authorized devices or from a specific geographical area.

Data encryption - AuraQuantic

Data encryption

  • Contextual encryption

End-to-end encryption and data obfuscation depending on the user, their role and permissions. Encryption is supported from the user interface and from the database server.

  • Encryption in transit

Some of the tools to protect data in transit are: encryption through a VPN tunnel or encryption through HTTPS connections with TLS/SSL digital certificates.

Secure Rooms are virtual containers that can include any element of the platform to define their security and permissions. - AuraQuantic

Secure rooms

Secure rooms are virtual containers that can include any element of the platform to define their security and permissions. Permissions are assigned by the user role and security level.

AuraQuantic can identify the fields that contain personal data, their level of protection and their category in accordance with the General Data Protection Regulation (GDPR).

Personal data protection

AuraQuantic can identify the fields that contain personal data, their level of protection and their category in accordance with the General Data Protection Regulation (GDPR).

Processes automated with AuraQuantic have guaranteed compliance with this regulation, ensuring correct registration of personal data processing, alerts and the corresponding official notifications.

AuraQuantic incorporates security mechanisms that include contextual encryption

AuraQuantic’s advanced encryption offers dynamic visibility, hiding or displaying data depending on who is interacting with the interface.